In gmane.os.openbsd.misc, Otto wrote: > On Tue, Dec 30, 2014 at 11:09:44AM -0200, Raimundo Santos wrote: > >> Hello misc@! >> >> I have a router (peaking at 70Mbps of aggregated traffic) that acts as a >> recursive internal DNS server too (this configuration will die >> soon, as my traffic is growing), but Unbound keep saying, in >> /var/log/messages: >> >> Dec 30 09:57:07 myhost unbound: [3873:0] error: can't create socket: Too >> many open files >> Dec 30 09:57:08 myhost last message repeated 20284 times >> Dec 30 10:26:48 myhost unbound: [3873:0] error: can't create socket: Too >> many open files >> Dec 30 10:26:50 myhost last message repeated 24896 times >> >> Sometimes it says: >> >> Dec 27 21:49:19 myhost unbound: [2565:0] notice: sendto failed: No buffer >> space available >> >> I have: >> >> kern.maxfiles=16384 >> kern.somaxconn=16384 >> >> And in login.conf: >> >> daemon:\ >> :ignorenologin:\ >> :datasize=infinity:\ >> :maxproc=infinity:\ >> :openfiles-cur=4096:\ >> :openfiles-max=8192:\ >> :stacksize-cur=8M:\ >> :localcipher=blowfish,9:\ >> :tc=default: >> >> unbound:\ >> :ignorenologin:\ >> :datasize=infinity:\ >> :maxproc=infinity:\ >> :openfiles-cur=8192:\ >> :openfiles-max=16384:\ >> :stacksize-cur=32M:\ >> :localcipher=blowfish,9:\ >> :tc=default: >> >> With many resources just for Unbound, how can it keep complaining? > > There's an undocumented "feature" with unbound: it (only) sets its > resource limits based on the class of its user (_unbound by default). > > So set the class of the _unbound user to unbound and you're all set. > > -Otto
This would probably be less surprising. Comments, anyone? Index: master.passwd =================================================================== RCS file: /cvs/src/etc/master.passwd,v retrieving revision 1.78 diff -u -p -r1.78 master.passwd --- master.passwd 15 Sep 2014 22:28:58 -0000 1.78 +++ master.passwd 17 Feb 2015 00:42:50 -0000 @@ -9,7 +9,7 @@ _rstatd:*:30:30::0:0:rpc.rstatd:/var/emp _rusersd:*:32:32::0:0:rpc.rusersd:/var/empty:/sbin/nologin _fingerd:*:33:33::0:0:fingerd:/var/empty:/sbin/nologin _x11:*:35:35::0:0:X Server:/var/empty:/sbin/nologin -_unbound:*:53:53::0:0:Unbound Daemon:/var/unbound:/sbin/nologin +_unbound:*:53:53:unbound:0:0:Unbound Daemon:/var/unbound:/sbin/nologin _spamd:*:62:62::0:0:Spam Daemon:/var/empty:/sbin/nologin uucp:*:66:1::0:0:UNIX-to-UNIX Copy:/var/spool/uucppublic:/sbin/nologin www:*:67:67::0:0:HTTP Server:/var/www:/sbin/nologin
